[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[SECURITY] Fedora Core 1 Update: subversion-0.32.1-5



---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-165
2004-06-11
---------------------------------------------------------------------

Product     : Fedora Core 1
Name        : subversion
Version     : 0.32.1                      
Release     : 5                  
Summary     : A Concurrent Versioning system similar to, but better than, CVS.
Description :
Subversion is a concurrent version control system which enables one
or more users to collaborate in developing and maintaining a
hierarchy of files and directories while keeping a history of all
changes.  Subversion only stores the differences between versions,
instead of every complete file.  Subversion is intended to be a
compelling replacement for CVS.

---------------------------------------------------------------------
Update Information:

A heap overflow vulnerability was discovered in the svn:// protocol
handling library, libsvn_ra_svn.  If using the svnserve daemon,
an unauthenticated client may be able execute arbitrary code as
the user the daemon runs as.  The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2004-0413.
                                                                                                
This issue does not affect the mod_dav_svn module.

---------------------------------------------------------------------
* Wed Jun 09 2004 Joe Orton <jorton redhat com> 0.32.1-5

- add security fix for CVE CAN-2004-0413 (Ben Reser)

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

85bb51a2273fe862a534db45c0f98cef  SRPMS/subversion-0.32.1-5.src.rpm
3e65c8863d12a8290465c34c9cff8c86  i386/subversion-0.32.1-5.i386.rpm
73415d6b6966fac671d44542e356a209  i386/subversion-devel-0.32.1-5.i386.rpm
e54233f3d5c996bc031cfd92c7c333ca  i386/mod_dav_svn-0.32.1-5.i386.rpm
5141615f39974fde3a0564c5d37c2fdf  i386/debug/subversion-debuginfo-0.32.1-5.i386.rpm
dfdb41c89a5d39215a461a7407acf57d  x86_64/subversion-0.32.1-5.x86_64.rpm
01d85453b31a93d7c9631af526cbc2b1  x86_64/subversion-devel-0.32.1-5.x86_64.rpm
f85473c36affcce1c4e84bde330e1f36  x86_64/mod_dav_svn-0.32.1-5.x86_64.rpm
a436f60e985c086cda8c76cb59329e57  x86_64/debug/subversion-debuginfo-0.32.1-5.x86_64.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

Attachment: pgp00008.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]